SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.unidentified_004 (Back to overview)

Unidentified ELF 004

Actor(s): APT31

Implant used by APT31 on compromised SOHO infrastructure, tries to camouflage as a tool ("unifi-video") related to Ubiquiti UniFi surveillance cameras.

References
2021-11-10SekoiaCyber Threat Intelligence team
@online{team:20211110:walking:cc41f24, author = {Cyber Threat Intelligence team}, title = {{Walking on APT31 infrastructure footprints}}, date = {2021-11-10}, organization = {Sekoia}, url = {https://www.sekoia.io/en/walking-on-apt31-infrastructure-footprints/}, language = {English}, urldate = {2021-11-11} } Walking on APT31 infrastructure footprints
Rekoobe Unidentified ELF 004 Cobalt Strike

There is no Yara-Signature yet.